Location:Singapore, SG
Job Function: Chief Operating Officer’s Office
Job Type: Permanent
Req ID: 16715
GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 11 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long-term investor, we Work at the Point of Impact for Singapore’s financial future, and the communities we invest in worldwide.

WHAT IMPACT CAN YOU MAKE IN THIS ROLE?

You will be empowered to be at the top of your game by providing strategic partnership, and innovative technology solutions that supports GIC’s vision of being a tech-driven, global, long-term investment firm.

WHAT WILL YOU DO AS AN VP, INFORMATION & TECHNOLOGY RISK MANAGER?

Risk Assessment and Management

• Conduct comprehensive risk assessments for technology-related areas, including cloud security, API security, SSDLC, and network security.
• Develop and implement risk management frameworks, and procedures.
• Monitor and report on technology risk exposures and mitigation efforts.

Oversight and Governance

• Provide independent oversight of technology risk management activities conducted by the first line of defense.
• Ensure compliance with regulatory requirements and internal policies.
• Review and challenge risk assessments, controls, and mitigation strategies.

Collaboration and Communication

• Work closely with IT, cybersecurity, and other relevant teams to ensure effective risk management practices.
• Communicate risk findings and recommendations to senior management and the board.
• Facilitate risk awareness and training programs

Incident Management

• Oversee the response to technology-related incidents and breaches.
• Conduct post-incident reviews and ensure lessons learned are integrated into risk management practices.

Continuous Improvement

• Stay updated on emerging technology risks and industry best practices.
• Continuously improve risk management frameworks and controls.
• Lead initiatives to enhance the organization’s technology risk posture.

WHAT QUALIFICATIONS OR SKILLS SHOULD YOU POSSESS IN THIS ROLE?

• 8-10 years of experience, preferably with exposure to technology risk management within risk control and audit functions in the IT infrastructure and cyber security domain.
• Demonstrated experience in identifying, assessing, and advising on technology risks and controls in a cross-disciplinary technology environment, preferably within a financial institution.
• Strong understanding of regulations from authorities such as MAS, RBI, HKMA, and familiarity with industry standards including ISO, NIST, ITIL, and cybersecurity frameworks.
• Experienced IT risk professional with exposure to Agile methodologies, DevSecOps practices, cyber security, network security, API security, cloud security and technologies.
• Excellent organizational, problem-solving, interpersonal, and operational skills to effectively drive the IT Risk agenda within IT functions.
• Strong communication skills at all levels, with the ability to effectively engage with IT teams, senior management, and line staff to drive IT risk mitigation initiatives and other IT risk management activities.
• Strong interest in staying updated on the latest regulations, emerging technologies, system vulnerabilities, and technology risk trends to maintain relevance in the rapidly evolving technological landscape.